Due to the recent inclusion of the TPM_TIS_SPI patches to the mainline kernel
and the consequent backports to v4.9.x and 4.11.x it's now much easier to get
the support for the LetsTrust TPM up and running.
No more patching necessary!

Then we have to enable the TPM Support in the Kernel via make menuconfig$ make ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- menuconfig
In this gui navigate toDevice Drivers
---> Character devices
---> TPM Hardware Support
and press M (for Module) or Y (for build-in support)
Then press enter to get into the subdirectory and select ---> TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)
also again either via M or Y

If you want to use the TPM's HardwareNumberGenerator feature, please select---> Hardware Random Number Generator Core support
---> TPM HW Random Number Generator support
Save and exit the menuconfig.

If this is too much hassle for you, you can also edit your .config file and
add these 5 lines to it.CONFIG_HW_RANDOM_TPM=m
CONFIG_TCG_TPM=m
CONFIG_TCG_TIS_CORE=m
CONFIG_TCG_TIS_SPI=m
CONFIG_SECURITYFS=y

Before you unmount your RPI SD Card, open mnt/fat32/config.txt
and ensure the line dtparam=spi=on isn't commented out (so no # at the beginning of the line)
and add dtoverlay=letstrust-tpm
just beneath it.

Pagination

Seitenleiste

Step 2: Choose your OS

Raspbian Stretch: Please follow these blogpost for your Raspberry Pi, \o/.
Or you could patch your distribution by yourself and follow the instructions on this blogpost.
And for all Win 10 IoT users Windows 10 IoT Core for your Raspberry Pi 2/3. Set the "Discrete SPI TIS Class TPM on SPI0CS1" in the TPM configuration window.